I have the following scenario and I would like to ask for advice.
We are designing a wireless network with "private" and "public" access. "Private" can access the Internet and the Intranet and "Public" can only access the Internet. After authentication we want to tunnel the traffic from the "Public" WLAN to a secure point, it could be a Firewall, an IPS or a Wireless Controller.
My understanding is that the scenario can be built using Light Access Points and Wireless Controllers by tunnelling the traffic of the SSID Public and Private from the AP to the Controller but I have found any configuration document to verify it.
Also, we would like to build a pilot with a single AP. In this case, it is possible to create a tunnel (may be GRE) between the AP and a FW or a router? Also for this pilot we would need an AP capable to work standalone or with a controller. Is the Cisco Aironet 1240G suitable for this?
Finally, any link about similar scenarios and how to configure them would be very appreciated.